Jump to content

[Updated] Nexus Trojan/Virus alert

Dark0ne

By Dark0ne
in Site Updates

 Share

Recommended Posts

gorbajev777 Rookie

gorbajev777

Posted
Posted

Pardon me if I seem rude, but was it really necessary to state that most these "wicked people" mostly come from Eastern Europe and Asia?

 

Could you not have just said that it was just "wicked people" without laying the blame on specific groups of people?

 

I somewhat agree Dachshund. The IP's that the exploits were coming from were indeed Eastern European/Asian in origin but that really only tells you where the servers were. ISP's and service providers in Eastern Europe and Asia can be much slacker in who they give accounts to and care less about the consequences. This creates a idea playground for people that want to cover their tracks and work out of countries that won't easily hand over data to investigators.

 

Certainly there's a lot of homegrown cyber-turds in those countries but there's also a lot of folks in other countries just using the servers. A lot of the Spam Kings out there are actually American but run they're mail servers out of those countries. Makes it hard for folks here to collect evidence for prosecution when the servers are on the other side of the planet and the ISP is just ignoring the requests. Or if the country where the server is tries to do something against the spammer then the cost and time it takes to carry out a extradition just isn't worth it to them.

 

After all, identity theft and password stealing is big business and if there's money to be made you'll usually find one of us Americans at the forefront. =)

 

P.S. Hell there might even be some malware writers down in the Lone Star state. =)

Link to comment
Share on other sites
  • Replies 335
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

LHammonds Grand Master

LHammonds

Posted
Posted

Doesn't matter one bit where the attacks come from...if there is a vulnerability, it will be sought out. This is true in life no matter the subject or location.

 

One must know their own strengths and weaknesses truly before being able to defend aptly when necessary.

 

This is something everyone learns when growing from childhood to adulthood and Dark0ne has done an exceptional job at identifying and strengthening his weaknesses. Even though this particular attack came from an outside source, it did not infect the Nexus or the forums.

 

Attacks such as these are growing in number. Gone are the days when it was easy to get create a virus and have it spread all over the place due to OS vulnerabilities. The OS shops are learning their lessons and making it more and more difficult. So the next easy path for virus writers are the 3rd-party applications and services...adobe flash, ads on trusted sites, iPhone applications, etc. We may reach a point were operating systems and web sites are fiercely tough to break but there will always be a weak link in the chain and that is where virus makers will target. And today, it is 3rd-party software and services.

 

LHammonds

Link to comment
Share on other sites
rebel28 Community Regular

rebel28

Posted
Posted
A lot of the Spam Kings out there are actually American but run they're mail servers out of those countries.

 

That reminds me of a game I played called Uplink, where you'd bounce your connections all over the world. Making it harder for people to trace you.

Link to comment
Share on other sites
DeadMansFist849 Grand Master

DeadMansFist849

Posted
Posted

For everyone who is still getting the error:

Download CCleaner Here

Close all browser windows.

Run CCleaner.

 

It will delete your internet cache. :) If this doesn't work, delete the cache some other way--I wouldn't know, though!

Link to comment
Share on other sites
amdsempron2 Rookie

amdsempron2

Posted
Posted

Both firefox and chrome have thier own settings to clear the cache. in firefox click "Tools" then "Privacy" check the box to "clear history when firefox exits" then click the "settings" 1 of which is to empty the cache. I always have firefox clear everything as i have no need of it to remeber my passwords and the like. I personally dont want that info stored on my PC in the event of a hijacking

 

In chrome click "Options" then navigate to the "Under the hood" tab. Select clear browsing data 1 of the options is again to clear the cache.

 

Note: if u store passwords in your browser these will cause it to "forget" your passwords if u choose the option. I personally have no need of stored cookies/passwords on my PC as in my opinion this is a security risk.

 

Note 2: IF YOU HAVE BEEN INFECTED, make sure to change your passwords for anything you may have logged into AFTER your sure your PC is cured. I dont know about the content of this trojan but most are designed to get your personal information and may/may not have contained a keylogger.

 

Good gaming.

Link to comment
Share on other sites
gorbajev777 Rookie

gorbajev777

Posted
Posted

Doesn't matter one bit where the attacks come from...if there is a vulnerability, it will be sought out. This is true in life no matter the subject or location.

 

One must know their own strengths and weaknesses truly before being able to defend aptly when necessary.

 

This is something everyone learns when growing from childhood to adulthood and Dark0ne has done an exceptional job at identifying and strengthening his weaknesses. Even though this particular attack came from an outside source, it did not infect the Nexus or the forums.

 

Attacks such as these are growing in number. Gone are the days when it was easy to get create a virus and have it spread all over the place due to OS vulnerabilities. The OS shops are learning their lessons and making it more and more difficult. So the next easy path for virus writers are the 3rd-party applications and services...adobe flash, ads on trusted sites, iPhone applications, etc. We may reach a point were operating systems and web sites are fiercely tough to break but there will always be a weak link in the chain and that is where virus makers will target. And today, it is 3rd-party software and services.

 

LHammonds

 

I would agree on all points. I also think Dark0ne is doing a great job or I wouldn't have signed up for Premium. =)

I would add that beyond the 3rd party applications exploits, DNS related issues are a big part of the problem. Whether it's spoofing, squating or cache poisoning, it's just to easy to dish out bad info and too easy to get a name. Requiring all the root servers to run DNSSEC is a good start. Over at isc.org in Vexies blog she talks about some things coming down the pipe reguarding name resolution and registration. Makes for a interesting read if your so inclined:

http://www.isc.org/community/blog/201007/taking-back-dns-0

 

On that note I think I'll make a point of stepping back out of a technical discussion on this thread. I've been in I.T. way too long and I'm no longer capable of being anything but "long-winded" when I chat. =)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...